WebmasterID logoWebmasterID
Legal

Cookie Policy / Tracking Technologies

What WebmasterID does and does not use in the browser, and what site operators remain responsible for.

Last updated

This page describes the tracking technologies WebmasterID uses (and does not use) in the browser. It covers both the WebmasterID tracker as installed on customer sites and the marketing site you are reading now.

Summary

WebmasterID does not currently rely on cookies, localStorage, or fingerprinting for browser analytics. The tracker is a small JavaScript file that posts an anonymous, aggregate page-view event to the ingest API and exits.

What the tracker does

  • Sends a single page_view event per page load.
  • Hooks history.pushState, replaceState, and popstate to fire one event per client-side route change.
  • Submits the event as a plain string body via navigator.sendBeacon with Content-Type: text/plain;charset=UTF-8 — a CORS-safelisted MIME, so no preflight is required.
  • Honors Do Not Track (DNT) and Global Privacy Control (GPC): opted-out browsers send nothing.

What the tracker does NOT use

  • No HTTP cookies (first-party or third-party).
  • No localStorage or sessionStorage tracking identifiers.
  • No IndexedDB, no service-worker fingerprinting.
  • No canvas, audio, font, or device-entropy fingerprinting.
  • No cross-site identifier of any kind.
  • No third-party scripts loaded from outside our origin.

"Similar technologies"

Cookie-policy templates often refer to "cookies and similar technologies." For WebmasterID specifically, the only browser-side technology used is the JavaScript tracker file itself. There are no pixels, no web-beacons, no local-storage-backed identifiers, no Web SQL fallbacks, and no embedded third-party SDKs.

This marketing site

The WebmasterID marketing site (this site) presents a one-time consent banner when you first visit. The banner stores your choice as a single first-party preference under the key webmasterid_consent in localStorage. Possible values are analytics_accepted or necessary_only. The value is purely a UI preference (so the banner does not reappear) and is never sent in analytics payloads, never used as a visitor ID, and never shared.

If you choose Accept analytics, the marketing site loads its own copy of the WebmasterID tracker and records one anonymous page_view per page load — exactly what is described above. If you choose Necessary only, no tracker is loaded and no analytics requests are made from your browser. You can clear your localStorage for this origin to be re-prompted.

DNT / GPC

When a browser signals DNT or GPC, the tracker exits early client-side and the ingest API additionally discards anything that arrives with those headers. This applies on every site that runs the WebmasterID tracker.

Operator responsibilities

WebmasterID is designed to minimise the privacy surface, but site operators (controllers) remain responsible for their own compliance. Depending on jurisdiction and implementation, you may be required to disclose analytics in your own privacy notice and, in some cases, obtain consent for certain tracking technologies. We do not claim that "no consent is ever needed."

If we add cookies later

If WebmasterID introduces cookies, persistent identifiers, or other tracking technologies in the future, this policy will be updated before those changes are deployed. Material changes will be reflected in the "Last updated" date at the top of the page.

Contact

Questions about this policy can be sent to info@helperg.com. See also our Privacy Policy, Data Processing page, and Terms.

This page is provided in good faith and reflects the actual product behaviour as of the last-updated date. It is not legal advice. Final review by qualified counsel is recommended before public SaaS launch.

← All legal pages